<?php
include('../../../db.php');


function sendLoginEmail ($email) {
/* send login email */
			$to = $email;
			$subject = 'Confirm Registration';
			$message = "Click the link below to confirm your registration. \n
			<a href='http://gdecastro2.cuttingedgespace.com/DirectOrder/script/confirm.php?email=$email>Complete Registration</a> \n  
			Thank you for registering with us.";
			$headers = "From: directorder@gdecastro2.cuttingedgespace.com";
			$success = mail($to,$subject,$message,$headers);
			return $success;
		}
function isLoggable($formInput){
/* returns the response from the	*
 * attempt to log in				*/
	global $db;
	
	$lUsername = $formInput['login_username'];
	$lPassword = $formInput['login_password'];
	$lPassword = sha1($lPassword);
	
	$query = "SELECT * FROM users WHERE username = :u AND password = :p AND confirmed = 1";
	$statement = $db->prepare($query);
	$statement->bindValue(':u',$lUsername);
	$statement->bindValue(':p',$lPassword);
	$statement->execute();

	$rowCount = $statement->rowCount();
	$statement ->closeCursor();
	
		
	if ($rowCount == 1) {
			  // if there is a row in the database, they can enter the site
			  return 'true';
	}
	else {
			// if unable to enter, bring back the login page
			// Define error message
			$query = "SELECT * FROM users WHERE username = :u AND password = :p";
		$statement = $db->prepare($query);
		$statement->bindValue(':u',$lUsername);
		$statement->bindValue(':p',$lPassword);
		$statement->execute();
		
		$rowCount = $statement->rowCount();
		$statement ->closeCursor();
		
		if($rowCount == 1)
		{
			$login_error = 'Your account is not confirmed';
		}
		else
		{
			$query = "SELECT * FROM users WHERE username = :u";
			$statement = $db->prepare($query);
			$statement->bindValue(':u',$lUsername);
			$statement->execute();
			
			$rowCount = $statement->rowCount();
			$statement ->closeCursor();
			
			if($rowCount == 1){
				$login_error = 'Incorrect password.';
			}
			else{
				$login_error = "This username doesn't exists.";
			}
		}
		return '<span id=\'login_error\'>'.$login_error.'</span>';
	}
}
function register($formInput){
	$sign_name 		= $formInput['sign_name'];
	$sign_surname 	= $formInput['sign_surname'];
	$sign_email 	= $formInput['sign_email'];
	$sign_username 	= $formInput['sign_username'];
	$sign_password 	= $formInput['sign_password'];

			
	if(!empty($sign_username)){
		$query = "SELECT * FROM  `users` WHERE username =  :u OR email =  :e";
		$statement = $db->prepare($query);
		$statement->bindValue(':u',$sign_username);
		$statement->bindValue(':e',$sign_email);
		$statement->execute();

		$rowCount = $statement->rowCount();
		$statement ->closeCursor();
	  
		/*
		THIS WAS NOT TESTED YET
		if ($rowCount == 1) {
					// if there is a row in the database, they can not sign up
					$query = "SELECT * FROM users WHERE username = :u";
			$statement = $db -> prepare($query);
			$statement -> bindValue(':u',$sign_username);
			$statement -> execute();
			$rows = $statement -> rowCount();
			$statement -> closeCursor();
			
			if ($rows == 1) {
				$signup_error = 'Username is already taken.  Please choose another.';
			}
			else {
				$signup_error = 'This email already has an account with us.  Please use another email.';
			}
			}
			else {
			  
				$query = "INSERT INTO users (name, surname, email, username,password) VALUES(:sName, :sSurname, :sEmail, :sUsername, :sPsw)";

				$statement = $db->prepare($query);
				$statement->bindValue(':sName', $sign_name);
				$statement->bindValue(':sSurname', $sign_surname);
				$statement->bindValue(':sEmail', $sign_email);
				$statement->bindValue(':sUsername', $sign_username);
				$sign_password = sha1($sign_password); //Password Encrypt
				$statement->bindValue(':sPsw', $sign_password);
				
				$statement->execute();
			  
				$statement->closeCursor();
				
				header('Location: ../index.php');
		  }
		  return '<span id=\'signup_error\'>'.$signup_error.'</span>';

	}
	else{
	  $signup_error = 'There is something wrong with your.';
	  return '<span id=\'signup_error\'>'.$signup_error.'</span>';
	}
}
*/
	}
}
?>